A hypervisor, also called a virtual machine manager (VMM), is an example of system supervisory software that implements a hardware virtualization technique to allow multiple operating systems, termed guests, to run concurrently on a host computer. Since malware can attack system software at boot-time or at run-time, hypervisor security has become one of the key concerns in the field of virtualization and cloud computing. Run-time manipulations of system supervisory software by malware, which may open backdoors that allow the system supervisory software to be exploited, have proven difficult to detect.
Technologies such as the Intel® Trusted Execution Environment may be used to ensure trusted boots of hypervisors. Using these technologies, hypervisors that have been manipulated by malware may be detected, and prevented from booting, during a trusted boot of the hypervisor. Using trusted boot technology, administrators of cloud computing data centers may routinely reboot servers to verify the integrity of the server's hypervisor(s), as well as other system supervisory software hosted by the server. However, periodically rebooting servers may require a high degree of planning and coordination, especially in a large data center, to assure that service requirements are met and service availability is not negatively impacted.
Software-based methods may be implemented to monitor the run-time integrity of system software, such as hypervisors. However, these software-based methods may actually steal clock cycles from the central processing unit (CPU) that is being used to execute the hypervisor itself, thus negatively impacting system performance. Alternatively, these software methods may steal clock cycles from other CPUs being used, or that could be used, to provide services by the data center. Additionally, these software methods may be subject to the same malware attacks as the system software they are trying to protect, thus creating a security concern. Consequently, assuring the integrity of system software in a virtualized environment, such as a cloud computing environment, is a costly endeavor.
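The trusted-boot check in the preceding paragraph and the software run-time monitor in this one rest on the same core operation: measure the hypervisor image page by page, record a baseline, and later re-measure and compare. The following Python is an added example written for this text, not code from the original or from any vendor's trusted-boot implementation. It assumes a synthetic 8-page "hypervisor image" (constructed filler bytes), a 4 KiB page granularity, and a simplified TPM-style extend operation (`new = H(old || measurement)`) to chain the per-page digests into a single boot-time root value; the run-time monitor then reports exactly which pages differ from the baseline, which is the information a defender wants when an integrity failure fires.

```python
import hashlib
from typing import Dict, List

PAGE_SIZE = 4096  # assumed page granularity for measurement


def measure_pages(image: bytes, page_size: int = PAGE_SIZE) -> List[str]:
    """SHA-256 digest of every page of the image, in address order."""
    return [
        hashlib.sha256(image[off:off + page_size]).hexdigest()
        for off in range(0, len(image), page_size)
    ]


def extend(register: bytes, measurement: bytes) -> bytes:
    """Simplified TPM-style extend: new = H(old || measurement).
    This is a model of the chaining idea, not a real TPM API."""
    return hashlib.sha256(register + measurement).digest()


def boot_time_measurement(image: bytes) -> Dict[str, object]:
    """Model of what a trusted boot records before handing control to the
    hypervisor: the per-page digest list plus one chained root value."""
    page_hashes = measure_pages(image)
    root = bytes(32)  # register starts at all zeros
    for h in page_hashes:
        root = extend(root, bytes.fromhex(h))
    return {"pages": page_hashes, "root": root.hex()}


def runtime_check(image: bytes, baseline: Dict[str, object]) -> List[int]:
    """Re-measure the running image and return the indices of pages that no
    longer match the boot-time baseline (empty list means intact).
    A changed page count is itself a mismatch, so every affected index is
    reported rather than silently truncating the comparison."""
    current = measure_pages(image)
    expected = baseline["pages"]
    n = max(len(current), len(expected))
    changed = []
    for i in range(n):
        cur = current[i] if i < len(current) else None
        exp = expected[i] if i < len(expected) else None
        if cur != exp:
            changed.append(i)
    return changed


def build_demo_image(num_pages: int = 8) -> bytes:
    """Constructed stand-in for a hypervisor code image: deterministic filler
    bytes, so the example runs offline with no real binary involved."""
    return bytes(
        (i * 31 + p * 7) & 0xFF
        for p in range(num_pages)
        for i in range(PAGE_SIZE)
    )


def patch_image(image: bytes, offset: int, new_bytes: bytes) -> bytes:
    """Return a copy of image with new_bytes written at offset; this models a
    run-time modification of the supervisory software that the monitor must catch."""
    buf = bytearray(image)
    buf[offset:offset + len(new_bytes)] = new_bytes
    return bytes(buf)


if __name__ == "__main__":
    image = build_demo_image()
    baseline = boot_time_measurement(image)
    print("boot-time root:", baseline["root"])
    print("clean image, changed pages:", runtime_check(image, baseline))

    # Constructed tamper: overwrite 16 bytes inside page 3 after "boot".
    modified = patch_image(image, 3 * PAGE_SIZE + 100, b"\xff" * 16)
    print("modified image, changed pages:", runtime_check(modified, baseline))
```

The monitor's weakness, as the paragraph notes, is that `runtime_check` and its `baseline` table live in the same software domain as the hypervisor: anything able to patch page 3 could equally patch the comparison or the stored digests. That is why the baseline is shown chained into a single root value, the part of the scheme that a hardware-protected register, rather than ordinary memory, would hold.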
Today's processor-based hardware lacks visibility into the run-time integrity of a hypervisor or VMM running on a system with full access privileges. Malware that has attacked the privileged system software can easily hide itself from anti-malware agents and hence go undetected at run-time.